Arbitrary Command Execution Vulnerability in Talkd by Sun Microsystems
CVE-1999-0048

Currently unrated

Key Information:

Vendor: Debian
Status: Netkit
Vendor: CVE Published:; 27 January 1997

Summary

The Talkd service, developed by Sun Microsystems, is vulnerable to arbitrary command execution when it processes corrupt DNS information. This flaw allows an attacker to send specially crafted DNS responses, enabling them to execute commands with root privileges. As a result, the integrity and security of the affected systems are at significant risk, highlighting the need for prompt remediation to mitigate potential exploits.

References

http://sunsolve.sun.com/pub-cgi/retrieve.pl?doctype=coll&...

vendor-advisoryx_refsource_SUN

Timeline

Vulnerability Reserved
Jun 7, 1999
Vulnerability published
Jan 27, 1997